Network Security & Hardware - eWeek


Is the Smart Grid a Dumb Idea?
Surgical Adhesive Offers Smarter Way to Mend Bones
Get Smarter Technology on Your Mobile!
  Network Security & Hardware


Symantec: Profit-Driven Cyber-Crime Wont Stop



 By: Matt Hines
2006-11-17
Article Rating:starstarstarstarstar / 0


There are 0 user comments on this Network Security & Hardware story.


Rate This Article:
Poor Best
Of all the IT threats facing enterprises today, the growing trend toward criminal attacks seeking valuable information and tangible assets will dominate the security landscape in years to come, according to researchers at the company.

Enterprise security systems will continue to be challenged by increasingly sophisticated threats launched by criminals seeking to steal sensitive information and material assets, according to top researchers at Symantec.

While less-organized hackers and spammers will hammer away at network defenses with large volumes of simplistic threats, the emerging generation of professional cyber-criminals armed with cutting-edge malware code will only grow stronger and more evasive, said Vincent Weafer, senior director of development of Symantecs Security Response research division, in Cupertino, Calif.

Those criminals will increasingly blend multiple forms of threats to evade security programs and make their work harder to detect, mixing up cocktails of polymorphic viruses, rootkits, and zero-day exploits delivered via image spam and powered by far-ranging bot networks, the researcher said. Weafer contends that even as companies adjust their security systems to ward off such attacks, cyber-thieves will react quickly and tailor their work to target specific organizations and users.

The evolution of malware threats into hybrid attacks will dominate the high-end of the hacker community in years to come, he said, as evidenced by the 23 percent increase in malware-laden image spam e-mails that Symantec has tracked over the last six months. Programs such as the Rustock Trojan horse virus, designed specifically to evade advanced heuristic security systems, will become the norm among the most talented attackers, Weafer contends.

Resource Library:

Some of the best evidence of this trend can be found in todays rapidly morphing botnets, which are becoming significantly more difficult to shut down. Whereas the behavior of traditional bot systems could be detected relatively easily by security systems, and researchers could work with ISPs to find and shut down Web sites hosting the attacks, criminals have already taken their work to the next level, using legitimate sites that have been hacked to further cloak their efforts.

"Unlike the old days where botnet hosts reached out to a single site to update, were now seeing them going to legitimate sites and then redirecting to other URLs, which is undermining our ability to choke off the source," said Weafer. "Based on the ability of existing security systems to catch most of the low-level attacks and spam, the perception among [CIOs] is that things are getting better, but things are actually getting worse, driven by the ability of hackers to generate profits."

In addition to ramping up their technological efforts, cyber-criminals are also adopting new social engineering tactics that are helping them get over on even the most wary users. Symantec has recently observed at least one attack that used names taken from an investment companys customer newsletter subscription database to lure people into swallowing its bait. The use of data-mining technologies to piece together multiple streams of information that can be used to target a specific company or user will only increase, the researcher said.

Symantecs software is tops at detecting and removing stealth rootkits, according to one study. Click here to read more.

Another so-called threat vector with growing popularity among the malware elite is the use of Web services technologies such as AJAX (Asynchronous JavaScript and XML) by Web site operators. Since developers are using the technology—meant to boost the interactivity of their sites—without understanding its security implications, hackers are already having a field day exploiting its shortcomings.

"Companies are using just-in-time AJAX developers who are building Web pages as quickly as possible and leaving the door wide open for their sites to be used to carry out all sorts of attacks," Weafer said. "The malware community is looking for new ways to cloak their work behind legitimate business and AJAX is providing that opportunity; as the criminals discover more of these vulnerabilities, theyre only being inspired to create even more attacks."

Yet another emerging weak point in enterprise system defenses is the growing adoption of smart phones, more PC-like handhelds that are typically linked to internal e-mail servers and CRM (customer relationship management) applications. While few attacks aimed at such devices have been seen in Europe and North America, hackers in the Far East, where handhelds have already become many workers primary computing device, are showing signs of things to come in the West.

Among the mobile attacks already being observed by Symantec in Asia are targeted phishing schemes delivered via mobile spam and malware that seeks to steal user data when the handhelds are being used to carry out financial transactions.

"Were only starting to see people in Europe and the United States begin to use their devices in the same fashion that people in Asia have been using their phones, but the applications are being written today and the attacks wont be too far behind," Weafer said. "As you see transactional systems put into place allowing businesses and end users to adopt new wireless applications, suddenly the mobile platform, which has been pretty much left alone here, becomes very attractive to those with the skills to attack it."

Check out eWEEK.coms Security Center for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at Ryan Naraines eWEEK Security Watch blog.



  Reader Comments: Symantec: Profit-Driven Cyber-Crime Wont Stop
>>> Be the FIRST to comment on this article!
 

 
 
>>> More Network Security & Hardware Articles          >>> More By Matt Hines
 


x}r8s;iW1ŋvI$Wiڶ<<ձZ$)RCRս~fMZllDf"H$#spI"nZ΄\¦pCH$qpw}L9UQ##3W)9bPs4mMzΠN@\~}@^fwD%x_'Щѩ€wɔZiPلQ?>}^~b .hqL⎳IlG-tuG`izN<1Q'u)pGEQ6 k[ tVN T| pgL&þ=az5ExLԸ#|x\'gOɀYF {.Qu^?1ٮq 4]b'*cO^3lְB䅠1FE/t#wJ;q'9"ScO$աUNIp/0Q#@oڮS.WHVf̲;guGgbGMҷG(&$g v?ƭkv8j[0~b[>4Irp\& }=:ҍۉ.,<4]Ԓ],r"U)] S Ї@2zz`Nzt\a_eY7󦻀Ͱ-6@6M-jZUQN bk'o[©̝ wQk\)(eUu7ٺs mm)kCqm]}ꜟGr ] + NwRߘ 0QT&*rp2K2A 1uf`rM7JQ߸+ZVD+(.#-b{OaF`%pfQUr򳹥s9\_]w2>^w;g>ߘegfy3?b Jw3F~ oV7gkew'gk|:}d#t6 +?[8VV'_ZU/v vO{uH0|kh2`cRZIjgdڽULxyEr,Z?> . !Ow| nr2GrI/]o"$̛cM|Ih6M2Tc]Njǩo_ VYKS73_?]=nZK0[=RFp\ Дa#\ذ 1"%̛hJHe $}ВEtBAͨ8 .)J!"xN3E !\J!}! g|8Jnj? [&feݜl҅5]Wa>ުG\zLguMW~?]tLqJjpX.B2iKB0qj껛Z\MG_)Ab/*5U9-|Qnl :2X jX3nұ~^AgIObV鎓x>:AGAticšh4>XnL-rӇtu4A.{ݣn<&tayXŞ+LQ^i50CGE 6]LR}>tq HhQ0<sz0Y[3衟#j{7t$t,/{D`\@89HpyY?>o ߃5#z[-[Y6x GͅA }SP|'sZn( 7^a{""D% T h4AEENNA7;.VKŤ\*y"J]':݉;TKRx&,S,BV-KᗄPf%i2mhƦń(VFNl(0Vf).,$MX&~%\Ew,t3Asq=7Z߄s w,0`6Ê0ӊYsS s>xFX~GMm ݜY,1%&B~`Z&4$ 7u%>5SN`cܒ^̜07ÚL ~D͏3 @}(N5i :SڶESC7wUBgsNPB/W2 \_&6AB5 6d:ɤPl';oW f4ݤ|r%eGR{`CLE2a3?%nQ/|ԝQ;BZsOsR|$g:[H57˶EI8JG۵a]ik#T87Bɶ/ªxkP1F񵖶Rkυ ò =2P2 Cx EZ҆·=k}0\Pe_M }dҶê%M*ګY3ld tAqFAݔ`,@ELl5KWթr@4=&.HۮC>,<<fRO]?APSt @IU5} o _׆K rȁUrqҝ|ma?묯 {eSKZq6Ϯ; V!2D+ه0`-EF>ZB_a /Ƥ_&I?րH{A2,exY΁5mI]v 'Yw$ EiRKr9&gֈzI4e$]og ĕa/aOY*#؋ko` 2l3sG/.vrw݉M% y|3όe֛JmHo(: gn=%W9S˰p)c# ,c?` $̮$fG`ӧ cM)gHF(9 .KTNjZj%N+kN$*X  d5}u*ZWۮ`⬅Cc$ D!S#2z q[kh0hmf;wԪ6 h)-XS!RW dĞee[UӴuZCP,*/y3p{"s-_M>-lwa;pi#uQby.Am!/r/}6&q3旉 hy2檦b,4Ω,6 خiϺV6e1c'}VEpaNqgT7ns UI9T[b9Ji?06@yZI@j5VF`Y V8$g;}'D`T0΁MO0=@" c].2|Y_x1O-i }SU!ה*eɢ(Ъ6#iB/%ex.N1 Qv}b;LʺHG٭PS682V6J\)aoA~V0`A#g0k(GO7)~ (zC9kmuA>PU]|T&#UX)TԒP?YTAte])n?cVPVW`Zd&{\%\{ i0o)Q멋r3["X.DД7Ϩ;Rb  kQh>g[,]E11a֒\zF_ɾj,8Aϐa6(V4Sk$ V`!W1d|PR (ʉ=`=`6vuN .@dAAnpz!NU HU*4Дke;ѓ:)K#§{yRb}b%%h8W6Brc'?<Ds`Zta^c!SVHl7s`#u&_ |3$?[Н>u?y{bo&=)sǣAΚg伅q+Ë~sQWV{09}sB8{qO+n<]1n舧lLgI"ɫzw7}\8%/+w|621@7Yu (f~\;pOڠcc}d<ݸw[f1vÉp ÷'P I!#]bwQ;=\yÞYiIMJ\-"Pn-]MT-^\RK>^+U@< b[_I{tHz:ؠN Ħ7sgGcef7XcŸA!{zcˮ&CX s?4hg`zc{ƹ#39x <v<.߯;ݙ8)<A~A< vD4);˷xΛz}in7d⫆܎m õcV`j8OHjw{'/G'?[w{gE|7̔u\wךW)&5ŗ./4y˭0L L ܻ'Vx吸[b[0| |NKGֈe[a32O2Yf]-Kş|X`ˤ~[bNO^%'L1T5Eac[#}ԧ3ˁmq Y=# mj۪hJMϘW@u0Goqև6C6ދϐ* Xs>fXsq4ۇ מ=F3W*;weg;ld",q*0r-Li[hCFÓW 8 n+l9U:-6ɄXqr8Dd,OͅJ%B1'sңA8YMbDp¹⇉9 :x2j`{/ Y: &.0,Î3mbpey X̧'vGl+JŴNL;1- $3o9&x#XY7%WCޮ8ՐDJ't*0bղvUkZZdbג 69ȌXmMEcNj7;[㱉3PL 6  ;8a1W [%q(ji7N{*64^^t F7xďz6k}}-BΠ{ԺNKZr(bUF-gZ~vŶFg'&d{fX؁ȦkZ[ޗCȍprD)n0% e"ƹ)D}4%q`4VR:\CoZ5%S RDܾ΍ߪp)`eIU%6y/3T W{tRϤ>*tUf(}*U 7#k#@x`;N;J<2؇lcך{1M F+4gh5a~}Ҝ #`'A! PBxfCG=URTmW)׈<re%xb빭T_3 Ʈ'eE*TZન#F4BF$q *R { ${!25^O-ƥg`h<}Q4eWn,T|vڕ, %Rື[X9_)G}m{fcǂSݹZ.W ͐›!L6hvh_t!^R?3+]⪕%Zl`^íJn08fo?hm-:.UrMI<1$.nctп6r )4 f+KF)<ۓgdCooNooo=_kc^e):L7l2,މvg˗n`V Ձ=Χ VP$D8$" m7S<M2vP#$^hS{G.yy;<t9{ls0Q[+%@#.@pr@ƭԜP B دLQxi'i轻}b)uMKe-!taq\, Wv*:;ϋ91q;"zxU`.Fb@Km}0@x)ic%,gL|eNG0NB$y碍KjEԟJߑJiE æczeJ.Y|iHmlQ@  +6!CH}0oQyG(&[t/vGv;x ׮7cĹj1ޔ 8-%1pI.i2@s`1s_>z{J5cGV+v"ĮOW9gJ_``2X:~ u@KJAsXz _gUDztj4%<.ᅑR7¡Z~c#$j37«9< 77S~=EiY49/ qߗGs~s~s~s~s7q*Y5sk :+L3sO%[D5m?]w;`ŮhwԎtw)Px[UA ,w!?3 IH>5#uJW5,tXؘ >\Cr:34E%W6ϧKS'{I!`d (?uWL͑)Lomao_" x.^ߵP šZ@uE,ݿl}>tX&9]_QD3' 1Ǝ_CkS3sKxKAdtQ˧G;C3#9JB_h~6v-׵*_ EH-zdL %_hކVc[V[H'L=!\ v">h/sو%tNos;vVK+x۫mmwrsݶݾ&⫽iPOŗ@ir_|k i%" f+ߚz*Bך6;7o_vj}kn1kk3&GA-[&6௶cul9w/r=}WѶe=:sZY,eeX6u糉fGc~P2oH3@84[I/NlI*$8&wM$QqD3q/6%X{["?R,kc \&=:\ãC9TJ|Ns-E ~6oD_"v9ss<`K2`ӶW뿓$yr1n9>`,C&&H909Ĵj3"g3Z`{ᅻ~GeSlSٿgG^;R`܀*ZWqi4sυۯ?s{1U _iH鎸:"$:Du(4g@a}IޞC4[,h6ߦ`a3X`2Ey/81q8GGa)lz' ¤Yt'O|o6D2~( " <7ܕ= =u _I O6bkek/('>?G}[:^G+NJ A^ XckjrD,?t$"R6./> 6l?QX2rʱҲC5$a8FSYh9}u!ncbkn\hu,zVdqK2&/ #zй>3&ޓME*ނ0HS&B@JVH4i\|^sH r3#mz^C GJk&p]Vy k+Lx}_8Ow| 􄼥޼voO%YթHlݹ䮏|5<)6ڢR; |n*C@"xGlSaZ ~r1sɖ*1̮q{B ?'ZA)rd<on]\+UMhբ f9FZ볋Y9!_X>=`zҧEd#usK%XSwX^bp )dtpr+>"AeklN,OZAr|\۝5ʷ'XS#AHwa+^Rc"Wc-6[8Y Ҧ3F;6CWѵvATJ&|<%hPYD\?buwι\` ^XYrV*-^a;%U$d[i4+"¨ӔAJ0%;cG]epсHs`w~m{9`VŘMvZgU!TQLm-W1儔wJzNۢY14ƿB< EӣM(<ĘCd  Ą;)bUfwܠ~z*ڟOe^#nZU9|{FGȚX7t("J w mm@+>N d`(8NL}d+GVzK"?{|1 &̋XH t<.$:)6ɝ2M</2zޘ<p" Y8ZW7}D'鍀ItV+62s36w2:itn:_srٹwu=<cKwB&8"xay-@_q&=;5g9asH ]TW\Afxƭ x7t'le1u챿qa)ԗ?D8f[H sO֨wn~+55 8p.pgj=U%{&P9 dU {_}&i'[ք aIJzAʸH 1bNx 1|'tĆMGQ^11Faŷ~(l;b21xL|9O_+Djc<&]ΰ*@;`g*o#!L)%n67p>9\ؘpF AuA"\2,GOwe~l&ar[fV 'p͒wys6t0^Q#1e&F,|Ǯ %nK ᩋb$P!%h$`x=9`5]B2߰*>gٕa)豪/71"fY3{8~JOz%ruW0`A='i92fg4t\K ,C?"&O=lFLr5WWY4uCOՠۻ$ ¶6-r5uڟ[gury}<18kyol2/*˙/Q9l^t83΄ksYx9% y*wf8lIwO;8Rn} QJNi21uSl;M֎C|~ƫx]jI53;mx9j0C=W܄qP ";ր.;FhRs`__׌k(^j63{P(GNl/o ڝ}2>?BƇn;3ʡ݌{Qf~K?3^~3l׸ " {A E}. /?/2"?QF/32?@A2/"2c|/A~.32cz^F{z_?2 ޿x:?>7??}OP)'ߧ @MV9M@7d_ryʛrּ…)iFy)8RErXB]eנ{'sg'UN+ťW*7YKxM}%kg[V1nvd}אG{1&x7&e^>&c˼$=)>w懤Ixʹ]!&JR˯-cENj9.~QJxdJ$dZ+mȾ=`T$%"/ܻ Gz‰nQ!/L2~<̎ nOArnC7}Fn_x` ~iMnڧ\Epuk;ُϋGkwՍƆ }3b 5?'OxVp:y.p&#ӄY#DӼflz4}z<8JZx⦰ L zɜB΄[5Wпcps%(m- 5t0=_2nu–'*F;BλNkMErly0+l>`$X5RǬ}@ӟ}Q!zfU>1x6,0Gɷ1i(|/.@Z/`3q&f\c7Z٥v͘E >qJf|3h_u4j V$1x$05:%xlӍQfk˩9s J}Xe 40'O>8Ï }CqzvtsƱ EiqgM?"d`愄-]ʄ;M:D@z_L& $Ҵ`Uf}^$u70H-x [%́}v`礿Lx0LJ ?Y>KGJLƎ$z6o9/F{] ,L6 郧rSl+Ġ2>g'4WBMxYMw]&+ N݇Є20 ł霰)#,|H𵽦^̀t>u>+w!|۔d |A«U/m# 1,ڞ1H E]{)~xfA߯u]NDπiMMf@gU(VxR7!Q۝cNm% 1o)%6f*o+:Oe{BI<ŗ-<>,D*9"[ %P@EikEou{DqkN'%}YQ v.yhFʪv\NT~7)JrHqpC>~EE`A_eD$v(tω^fGnSr!O,Gw U|ٳs9cbV)qeFӧ-[&@#-U`0v4aehv =ձ]w O`7@#>Ƌ ӛKx_ԕM`wg#~"3V;œA6hXB& `܈}olI #OxCr:vWY W96O~0qGĮ2C|R4upvVR ?93_樕IWWv:yDtE h#_2sU>vį-yJ^Su 7tlcb @JQ >E73D*|X^c 0У,&09G5-E6<:=܈x~{ݾŀg [3HTx.،U\(6lBTFM¾":u`x~w{&}ecEP1W?&Il} ralX ^+o;Љev;7ǿaj,eH&}qd.GDI qkm-ma4,Lb="[_QI(`X3|"@a)5ZBLNw Po3pRaL (b[и^5FElT$bB9YAC9Xqk @nBO]sL&j,1s,@= փ W{څGSy6:|,݈bVS"Nd׊rI-9['60M؏ÄrM"5roq=yeיJ8 pKxqBa0SSQ2$Y":xqeaVt*N睵 P.Y{TO3uG???;w a% ѨT\t? 7z,lݸ奧/{/RXFYZR$Du $RzWv{>Y/9 ~c Wh_`<y &gknuU+kD;ydMn+:cSEᘸe=)jaKm9n~;1{l~r;)#Us̥D4^JBpzh6